CVSS: 9.4EPSS: 1%CPEs: 3EXPL: 0CVE-2021-32642 – Missing input validation in dynamic discovery example scripts.
https://notcve.org/view.php?id=CVE-2021-32642
28 May 2021 — radsecproxy is a generic RADIUS proxy that supports both UDP and TLS (RadSec) RADIUS transports. Missing input validation in radsecproxy's `naptr-eduroam.sh` and `radsec-dynsrv.sh` scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Information disclosure, Denial of Service, Redirection of Radius connection to a non-authenticated server leading to non-authenticated network access. Updated example scripts are available in the master branch and 1.9 r... • https://github.com/radsecproxy/radsecproxy/security/advisories/GHSA-56gw-9rj9-55rc • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2012-4523
https://notcve.org/view.php?id=CVE-2012-4523
20 Nov 2012 — radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients. radsecproxy antes de v1.6.1 no verifica correctamente certificados cuando hay bloques de configuración con la configuración de CA que no están relacionados con el bloque que está siendo utilizado para comprobar la cadena de... • http://secunia.com/advisories/51251 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2012-4566
https://notcve.org/view.php?id=CVE-2012-4566
20 Nov 2012 — The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients, a different vulnerability than CVE-2012-4523. El soporte DTLS en radsecproxy antes de v1.6.2 no verifica correctamente certificados cuando hay bloques de configuración con la configuración de CA que no e... • http://git.nordu.net/?p=radsecproxy.git%3Ba=commit%3Bh=3682c935facf5ccd7fa600644bbb76957155c680 • CWE-264: Permissions, Privileges, and Access Controls •